teidesu/nixfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(koi): use security.acme.defaults

Browse source
This commit is contained in:
alina 🌸 2024-11-23 16:40:44 +03:00
parent 5fe8c75a26
commit b893d6e21e
Signed by: teidesu
SSH key fingerprint: SHA256:uNeCpw6aTSU4aIObXLvHfLkDa82HWH9EiOj9AXOIRpI
1 changed files with 14 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
hosts/koi/services/nginx.nix
View file

@ -66,9 +66,8 @@
systemd.services.nginx.after = [ "coredns.service" ]; systemd.services.nginx.after = [ "coredns.service" ];
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.defaults.dnsResolver = "8.8.8.8:53"; # coredns tends to cache these too much security.acme.defaults = {
security.acme.certs = let dnsResolver = "8.8.8.8:53"; # coredns tends to cache these too much
common = {
email = "alina@tei.su"; email = "alina@tei.su";
group = "nginx"; group = "nginx";
dnsProvider = "cloudflare"; dnsProvider = "cloudflare";
@ -77,17 +76,17 @@
"CLOUDFLARE_API_KEY_FILE" = config.desu.secrets.cloudflare-token.path; "CLOUDFLARE_API_KEY_FILE" = config.desu.secrets.cloudflare-token.path;
}; };
}; };
in { security.acme.certs = {
"stupid.fish" = common // { "stupid.fish" = {
extraDomainNames = [ "*.stupid.fish" ]; extraDomainNames = [ "*.stupid.fish" ];
}; };
"tei.su" = common // { "tei.su" = {
extraDomainNames = [ "*.tei.su" ]; extraDomainNames = [ "*.tei.su" ];
}; };
"tei.pet" = common // { "tei.pet" = {
extraDomainNames = [ "*.tei.pet" ]; extraDomainNames = [ "*.tei.pet" ];
}; };
"s3.stupid.fish" = common // { "s3.stupid.fish" = {
extraDomainNames = [ "*.s3.stupid.fish" ]; extraDomainNames = [ "*.s3.stupid.fish" ];
}; };
}; };